Analysis

  • max time kernel
    149s
  • max time network
    145s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230712-en locale:en-us os:windows7-x64 system
  • submitted
    12/08/2023, 17:46

General

  • Target

    d7443e8971985f4cbd75219edfdedde221be125432c421d6b0d1537f7d8b36d5_JC.exe

  • Size

    32KB

  • MD5

    5fae1fc204f85528336f435f2af78c5b

  • SHA1

    6e8b3b6064269f4d8c98375380232e736842eb7b

  • SHA256

    d7443e8971985f4cbd75219edfdedde221be125432c421d6b0d1537f7d8b36d5

  • SHA512

    e09a47f0742fecb7ab94148708f88ced11ca3abb5e60ef3559638e2df2acdcf036847fbbc2c325c8dc9ed82f63bba2c88b5a57536665f59efaa772f7f9bceb70

  • SSDEEP

    384:00bUe5XB4e0X+OSSCixBr/QZWTGtTUFQqzF5Obb+:RT9BudS9ifrYPPb+

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d7443e8971985f4cbd75219edfdedde221be125432c421d6b0d1537f7d8b36d5_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\d7443e8971985f4cbd75219edfdedde221be125432c421d6b0d1537f7d8b36d5_JC.exe"
    • Suspicious use of AdjustPrivilegeToken
    PID:1892

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1892-54-0x0000000074AC0000-0x000000007506B000-memory.dmp

    Filesize

    5.7MB

  • memory/1892-56-0x0000000002270000-0x00000000022B0000-memory.dmp

    Filesize

    256KB

  • memory/1892-55-0x0000000074AC0000-0x000000007506B000-memory.dmp

    Filesize

    5.7MB

  • memory/1892-57-0x0000000074AC0000-0x000000007506B000-memory.dmp

    Filesize

    5.7MB

  • memory/1892-58-0x0000000074AC0000-0x000000007506B000-memory.dmp

    Filesize

    5.7MB

  • memory/1892-59-0x0000000002270000-0x00000000022B0000-memory.dmp

    Filesize

    256KB